<?php

namespace app\http\middleware;

use app\model\AdminStoreUser;
use app\util\ReturnCode;

class AppCheckStoreUser {

    /**
     * 店铺操作鉴权，其中的sid是前端传过来或者通过前置中间件操作设置的
     * @param \think\facade\Request $request
     * @param \Closure $next
     * @return mixed|\think\response\Json
     */
    public function handle($request, \Closure $next) {
        $uid = $request->APP_USER_INFO['uid'];
        $sid = $request->get('sid');
        //TODO 可优化
        $model = AdminStoreUser::get(['wx_uid'=>$uid,'sid'=>$sid]);
        if ($model) {
            $request->STORE_USER_INFO = $model->getData();
            return $next($request);
        } else {
            return json([
                'code' => ReturnCode::AUTH_REFUSE,
                'msg'  => '无权操作',
                'data' => []
            ]);
        }
    }
}
